GENERAL TERMS AND CONDITIONS
These General Terms and Conditions shall apply to the provision of the services and related hardware (hereinafter referred to as “Service”) by Curify Oy (hereinafter referred to as “Curify”) and you (hereinafter referred to as the “Customer”). Together with the terms of the offer, they constitute the agreement (“Agreement”).
These General Terms and Conditions shall apply to the agreement, in connection to which these General Terms and Conditions have for the first time been delivered to the Customer. Once these General Terms and Conditions have been applied, they shall constitute the commercial custom between the Parties and thus apply to all future agreement22
Curify’s offer shall be valid for a period of thirty (30) days from the date of the offer, unless otherwise specified in the offer.
3. PRICES AND PAYMENT TERM
The prices given by Curify in the agreement, price list or offer are valid until further notice. Unless otherwise specified, the prices are quoted in Euro.
During the contract period, Curify may adjust the price(s) of the Service in relation to the general cost trend for providing the Service and acquiring needed hardware, material or spare parts. Changes enter into force thirty (30) days after being communicated to the Customer. The Customer shall be entitled to request a written explanation of the cost trend and reason for the price adjustment.
Curify is entitled to invoice as follows:
Setup fees: In advance upon conclusion of the agreement;
Monthly costs: Monthly in advance on the first day of each month.
Commission: Monthly in arrears on the first day of the next month. The Customer may need to report the usage. Curify Oy has audit right to usage.
The payment term of Curify’s invoices is fourteen (14) days from the date of the invoice. The interest rate on late payment is twelve (12) per cent.
In the event that any invoice remains unpaid fourteen (14) days after its due date, Curify is entitled to discontinue, withhold, or suspend the supply of the Service to the Customer.
Value added tax shall be invoiced from the Customer in accordance with to the legislation in force at the time of invoicing.
The Customer must always keep Curify informed of any and all changes that may affect invoicing.
4. ACCEPTANCE TEST AND DELIVERY
Curify shall inform the Customer in writing when the delivery is ready for the Customer’s acceptance test.
The Customer shall perform the acceptance test during a period lasting fourteen (14) days beginning from receipt of Curify’s notice that the delivery is ready for testing (hereinafter “Test Period”).
The Customer shall at its own expense perform the testing of the delivery to the extent it considers necessary.
The Customer is entitled to suspend the Test Period, if an error prevents testing, by informing Curify thereof in writing. The Test Period shall be suspended until the error has been corrected.
The Customer shall immediately inform Curify in writing of all errors detected in the delivery. Errors that do not substantially interfere with the use of the Service shall not prevent the acceptance of the delivery.
The delivery shall be considered as accepted by the Customer and delivered by Curify:
when the Customer informs Curify in writing that the Service has passed the acceptance test,
if the Customer has not informed Curify in writing of Service errors that prevent acceptance during the Test Period, or
when Curify has corrected all errors that prevent acceptance as reported in writing by the Customer during the Test Period.
5. DELAY OF DELIVERY
Curify shall be liable to pay the Customer liquidated damages amounting to 0.5 percent of the price for each beginning week of delay, excluding value added tax, of the part of the delivery whose acceptance is delayed from the agreed time schedule for reasons not attributable to the Customer. The maximum amount of liquidated damages is 7.5 percent of the price of such part of the delivery excluding value added tax.
Should the price partly or wholly comprise monthly fees, the liquidated damages shall be calculated on the total annual amount by multiplying such fees by twelve (12).
6. SOFTWARE LICENSE
Curify grants the Customer a non-exclusive, limited license to use the software included in the Service (hereinafter “Software”) for the purpose set out in the Agreement.
The Customer shall neither use the Software for any other purposes nor copy, duplicate, modify, reproduce, license or sublicense, transfer or convey the Software or parts thereof to anyone, without Curify’s prior written consent.
Notwithstanding the above, the Customer may make backup copies of the Software if necessary for using the Software.
Upon the expiration of the validity of the Agreement, the Customer must uninstall and remove all parts of the Software.
The Customer acknowledges that title to any hardware included in the delivery does not pass to the Customer, but remains with Curify (or a third party). The Customer is solely granted a right to use such hardware as part of the Service.
The Customer shall abide by any and all instructions on use provided by Curify. The Customer shall bear liability for any damage or loss to the hardware during the validity of the agreement. The Parties acknowledge that the hardware may be subject to ordinary wear and tear from normal use, which shall not be construed as damage.
Upon expiration of the agreement, the hardware shall be dealt with in accordance with the instructions provided by Curify.
Curify does not provide content. The Customer is solely responsible for acquiring the content to be used in the Service and ensuring that the acquired content is compatible with the Service.
9. DATA SECURITY
The Parties shall ensure compliance with the relevant rules and regulations related to data security, privacy in processing personal data and backup requirements.
The Parties shall specifically ensure that its premises are sufficiently protected against data security threats.
Each party shall make the necessary backups of data.
10. INTELLECTUAL PROPERTY RIGHTS
All intellectual property rights to the Service and its components belong to Curify or a third party. This Agreement does not transfer the title to any rights to the Customer.
Curify represents and warrants that Curify is the owner of the Service or otherwise has the right to grant the rights set forth in this Agreement.
In the event any breach or threatened breach of the foregoing representation and warranty, the Customer’s sole remedy shall be to promptly inform Curify of such breach or threatened breach, whereby Curify shall
procure, at Curify’s expense, the right to use the Service,
replace the Service or any part thereof that is in breach with software of comparable functionality the does not cause any breach, or
modify the Service to the extent necessary to end the breach.
In the event that none of the aforementioned options are available, either Party shall be entitled to terminate this Agreement with immediate effect. Any fees paid by the Customer in advance for the period after termination shall be refunded.
11. DAMAGES AND LIMITATION OF LIABILITY
Either Party shall be entitled to full compensation for the direct damages caused by the other Party’s breach of agreement.
Neither Party is liable for any indirect, incidental, consequential, sequential nor special damages of any nature whatsoever including without limitation loss of production, profits or any loss resulting from other agreement.
In no event shall Curify’s liability exceed the total amount of fees paid by the Customer, regardless of whether the Customer’s claim is based on agreement, tort, strict liability, product liability or otherwise.
The limitations set forth in this section shall not apply to breaches of sections 10 or 17 of these terms and conditions.
The Customer is solely responsible for use of the Service.
The Customer shall defend, indemnify and hold Curify harmless from any loss, claim, damage or liability (including, but not limited to, copyright or other immaterial right related claim by a third party), or whatsoever kind of nature, which may arise from using the Service in the Customer's course of business.
In the event of any breach or alleged breach of an agreed warranty, the Customer shall promptly notify Curify and provide the necessary information to Curify. The Customer's sole remedy shall be that Curify corrects the Service so that it operates in accordance with the warranty.
Curify renders corrections of a breach of warranty at Curify's principal place of business. If explicitly agreed upon between Curify and the Customer, Curify may render needed corrections at the delivery address or other location provided by the Customer.
This warranty shall not apply to the, if it or a part thereof has been modified without Curify’s written consent or if used improperly or in an operating environment not meeting the requirements.
If an alleged breach of warranty does not constitute a breach of warranty, Curify may charge the Customer for the services rendered in response to and incurred by the Customer's notification of breach of warranty. The fee for such services shall be in accordance with Curify's price list.
Curify's warranties set forth in this agreement are exclusive and in lieu of all other warranties, express or implied, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
Curify is entitled to use a subcontractor to fulfill its obligations under this Agreement.
15. FORCE MAJEURE
Neither Party is liable for such delay or damages, which are due to reason falling outside the scope of control of a Party, provided that the Party affected could not reasonably have been expected to take such event into consideration while entering into the Agreement and could not avoid or overcome its effect.
If the fulfilment of the agreement is delayed by more than four (4) months due to force majeure, either Party shall have the right to cancel the agreement by informing the other Party thereof in writing.
An agreement in force until further notice may be terminated by either Party. The period of notice is six (6) months.
A Party is entitled to cancel the Agreement with immediate effect if the other Party is in breach of the Agreement and has failed to rectify its breach within thirty (30) days of receiving a notice that includes a specification of the breach and a threat to cancel the Agreement.
The Parties agree to keep the content of this Agreement and any material or information related to this Agreement or the Service confidential. Confidential material and information shall not be disclosed or used for any other purposes than fulfilling the obligations of this Agreement.
The aforementioned rules on confidential shall not apply to material and information that 1) is available to the public, 2) has been acquired from a third party without rules of confidentiality, 3) the receiving party knew or possessed prior to signing this Agreement, or 4) that the party has independently developed without using any information or material governed by these rules of confidentiality.
Either Party shall promptly stop using any confidential information or material and, unless otherwise agreed upon in writing, return any and all confidential information and material upon termination of this Agreement or if the confidential information and material is no longer needed to fulfill the obligations of this Agreement. Notwithstanding the above, the Parties are allowed to retain copies as required by law.
These rules of confidentiality enter into force upon signing of this Agreement and remain valid after the Agreement has been terminated.
Any notice required by this Agreement or given in connection with it, shall be in writing and shall be given to the appropriate party by personal delivery or by certified mail to the address specified in the Agreement. Any changes to the contact details must immediately be communicated to the other Party.
19. CHANGES AND ASSIGNMENT
All changes to the Agreement must be made in writing and validated by the signatures of both Parties.
Neither Party may, without the written consent of the other Party, transfer this Agreements or any rights, obligations or interests under this Agreement to a third party.
Notwithstanding the above, Curify shall be entitled to assign receivables relating to this Agreement to a third party. Curify shall inform the Customer of such assignment.
20. ENTIRE AGREEMENT
This Agreement constitutes the entire agreement between the Parties and terminates and supersedes all prior understandings or agreements, both oral and written, on the subject matter hereof.
If any term of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, the this Agreement, including all of the remaining terms, will remain in full force and effect as if such invalid or unenforceable term had never been included.
Headings used in this Agreement are provided for convenience only and shall not be used to construe meaning or intent.
23. APPLICABLE LAW AND DISPUTE RESOLUTION
The material law of Finland shall be applied to this agreement, without reference to the conflict of laws principles and the UN Convention on Agreements for International Sale of Goods.
Any dispute, controversy or claim arising out of or relating to this agreement, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Rules for Arbitration of the Finland Chamber of Commerce. The seat of arbitration shall be Helsinki, Finland, and the language shall be English. Notwithstanding the above, Curify shall have the right to claim receivables in the general courts of either Curify’s or the Customer’s domicile, at Curify option
Appendix 1: Data Processing Agreement
This Data Processing Agreement (“DPA”) is a part of the agreement for the Service whose terms and conditions are laid out in the Curify General Terms and Conditions (“Agreement”) between Curify Oy (“Curify”) and the customer (“Customer”). Curify and the Customer are each individually referred to as the Party and together as the Parties.
This DPA forms an integral part of the Agreement and shall apply to all processing of personal data under the Agreement. Where applicable and if not explicitly otherwise stated, the terms of the Agreement, such as governing law and dispute resolution, shall apply to this DPA. If the Agreement or any other document contains provisions regarding the processing of personal data that conflict with this DPA, this DPA shall have precedence.
The Customer is the controller under the General Data Protection Regulation (EU 2016/679, “GDPR”) and Curify processes personal data on behalf of the Customer as a processor when providing the Service. If and to the extent the Customer acts as a processor in relation to another controller, Curify shall act as a subprocessor.
The Customer is responsible for the lawful processing of personal data as well as compliance with the GDPR and other legislation regarding the processing of personal data. Where applicable, the Customer is responsible for having the required rights and necessary permissions to use and disclose personal data for the purposes set out in the Agreement. The Customer shall ensure that it is entitled to disclose the relevant personal data to Curify to process in accordance with the Agreement and this DPA to provide the Service.
The subject matter, categories, types of data and other details of the processing are described in Schedule 1 of this DPA (Description of the Processing).
PROCESSING OF PERSONAL DATA
Curify shall only process personal data in accordance with this DPA and documented instructions from the Customer unless required otherwise by EU or member state legislation. In such a case, Curify shall inform the Customer of the requirement before processing unless prevented by said legislation.
The Customer’s instructions are primarily in the Agreement and this DPA. Any other instructions must be commercially reasonable, compliant with applicable data protection legislation, and consistent with the Agreement. In case the Customer’s instructions require additional work by Curify, Curify has the right to charge reasonable costs of complying with the instructions from the Customer.
In case Curify considers any instruction given by the Customer to be in contravention to EU or member state legislation, Curify shall not be obliged to comply with such instruction and shall inform the Customer of that legal requirement.
Curify shall implement appropriate technical and organisational measures to protect the personal data within its area of responsibility in order to safeguard the data against unauthorized or unlawful processing or access and against accidental loss, destruction of personal data, taking into account the costs of implementation as well as the nature, scope, context and purposes of processing carried out by Curify, as well as the risks for the rights and freedoms of natural persons. The measures shall include, where appropriate and depending on the context: (i) the pseudonymization and encryption of personal data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and the Service; (iii) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
Curify shall ensure the persons processing personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
Taking into account the nature of the processing and where possible, Curify shall assist the Customer with appropriate technical and organisational measures to fulfil the Customer’s obligation to respond to requests regarding the data subject’s rights under Chapter III of the GDPR.
Taking into account the nature of the processing and the information available to Curify, Curify shall assist the Customer in ensuring compliance with the Customer’s obligations set out in Articles 32 to 36 of the GDPR (e.g. to perform security and data protection impact assessments, breach notifications and prior consultations of the competent supervisory authority).
Curify provides the Service from the EU/EEA, but some of the subprocessors of Curify operate globally. If the provision of the Service requires the transfer of personal data outside the EU/EEA to a country not recognized by the European Commission as having an adequate level of data protection, Curify shall ensure the transfer complies with Chapter V of the GDPR by using a valid transfer mechanism, such as standard contractual clauses adopted by the European Commission, and if necessary, implementing additional safeguards and carrying out a transfer impact assessment to ensure an appropriate level of protection of the personal data.
PERSONAL DATA BREACH
In case of a personal data breach concerning personal data processed on behalf of the Customer, Curify shall notify the Customer without undue delay upon becoming aware of a breach. Curify shall provide the Customer with sufficient information to allow the Customer to meet its obligations under the applicable data protection legislation. If all information is not available at once, Curify may supplement the information later without undue delay.
The Customer or an auditor appointed by the Customer shall have the right to audit the processing activities of Curify under this DPA to assess the compliance with this DPA and the applicable data protection legislation. The audit shall take place during ordinary business hours of Curify and with at least 30 days prior written notice. Each Party shall bear its own costs for any audits. Where an audit may lead to the disclosure of business or trade secrets of Curify, the Customer shall employ an independent expert to carry out the audit, and the expert shall agree to be bound by confidentiality to Curify’s benefit.
At the Customer’s request, Curify shall make available information necessary to demonstrate compliance with the GDPR.
The Customer gives its general authorization for Curify to engage subprocessors to process personal data in connection with the provision of the Service.
Curify shall be free to choose and change its subprocessors. Upon request, Curify shall inform the Customer of the subprocessors currently involved in the processing. In case there is a later change in subprocessors, Curify shall notify the Customer of such change and allow the Customer to object to the change on reasonable grounds related to data protection. If Curify is not willing or able to change the subprocessor objected to by the Customer, both Parties shall have the right to terminate the Agreement and this DPA.
Where Curify uses a subprocessor for the processing of personal data, it shall ensure data protection obligations of at least the same level as set out in this DPA shall apply to the subprocessor. Where a subprocessor fails to fulfil its data protection obligations, Curify shall remain liable to the Customer for the performance of the subprocessor’s obligations.
Schedule 1: Description of the Processing
PURPOSE OF THE PROCESSING
Personal data is processed to provide a user interface to the MiniLab, to manage the Service and user accounts to the Service.
CATEGORIES AND TYPES OF PERSONAL DATA
User account data
Service usage data
DURATION OF THE PROCESSING
Personal data shall be processed as long as the Agreement with the Customer remains in force, unless instructed otherwise by the Customer in accordance with the DPA.
Following the expiration of the Agreement Curify will delete the personal data within a reasonable time after the end of the customer relationship.
Google, MongoDB (Curify uses the Google Cloud and MongoDB platform to run the Service).